package com.zsy.provider.config;

import com.zsy.provider.config.exception.CustomAccessDeniedHandler;
import com.zsy.provider.config.exception.CustomOAuth2AuthenticationEntryPoint;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.TokenStore;

@Configuration
@EnableResourceServer
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, jsr250Enabled = true)
public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

   // @Autowired
   // AuthExceptionEntryPoint authExceptionEntryPoint;
    @Autowired
    CustomOAuth2AuthenticationEntryPoint customOAuth2AuthenticationEntryPoint;
    @Autowired
    CustomAccessDeniedHandler customAccessDeniedHandler;
    //采用tokenStore
    @Autowired
    private TokenStore tokenStore;
    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .exceptionHandling()
                .and()
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                .and()
                .authorizeRequests().antMatchers("/**").permitAll();
                /*.antMatchers("/demo").hasAuthority("SystemContent")
                .antMatchers("/demo/view/**").hasAuthority("SystemContentView")
                .antMatchers("/demo/insert/**").hasAuthority("SystemContentInsert")
                .antMatchers("/demo/update/**").hasAuthority("SystemContentUpdate")
                .antMatchers("/demo/delete/**").hasAuthority("SystemContentDelete");*/
    }

    @Override
    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
        resources.tokenStore(tokenStore).authenticationEntryPoint(customOAuth2AuthenticationEntryPoint)
                .accessDeniedHandler(customAccessDeniedHandler);
    }
}
